WAB
Company Details
Linkedin ID:
western-alliance-bank
Employees number:
3,857
Number of followers:
29,831
NAICS:
52211
Industry Type:
Homepage:
westernalliancebancorporation.com
IP Addresses:
0
Company ID:
WES_2083183
Scan Status:
In-progress
Western Alliance Bank Company CyberSecurity Posture
westernalliancebancorporation.com
Western Alliance Bancorporation (NYSE: WAL) is one of the country’s top-performing banking companies. Its primary subsidiary, Western Alliance Bank, Member FDIC, offers a full spectrum of tailored commercial banking solutions and consumer products, all delivered with outstanding service by banking and mortgage experts who put customers first. Serving clients across the country wherever business happens, Western Alliance Bank operates individual, full-service banking and financial brands with offices in key markets nationwide.
Western Alliance Bank A.I CyberSecurity Scoring
WAB Risk Score (AI oriented)Between 600 and 649
WAB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
WAB Global Score (TPRM)XXXX
WAB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
WAB Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Western Alliance Bank
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Arizona Attorney General's Office reported a data breach involving Western Alliance Bank on January 27, 2025. The breach occurred between October 12, 2024, and October 24, 2024, when a third-party vendor's secure file transfer software was exploited, potentially exposing personal information including names and Social Security numbers. The number of affected individuals is currently unknown.
Western Alliance Bank
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Arizona-based Western Alliance Bank experienced a security breach after an attack on a third-party file transfer program which compromised personal data of 21,899 individuals. The attack, which occurred between October 12 and 24, led to unauthorized access and exfiltration of names, Social Security numbers, birthdates, driver's license numbers, tax identification numbers, passports, and financial account numbers. The Clop ransomware operation claimed responsibility, alleging the exploit was via a vulnerability in the Cleo file sharing tool. The incident's ramifications extended to other companies such as Hewlett Packard Enterprise and Thomson Reuters, prompting further investigations.
WAB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for WAB
Incidents vs Banking Industry Average (This Year)
Western Alliance Bank has 4.17% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Western Alliance Bank has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types WAB vs Banking Industry Avg (This Year)
Western Alliance Bank reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — WAB (X = Date, Y = Severity)
WAB cyber incidents detection timeline including parent company and subsidiaries
WAB Company Subsidiaries
Western Alliance Bancorporation (NYSE: WAL) is one of the country’s top-performing banking companies. Its primary subsidiary, Western Alliance Bank, Member FDIC, offers a full spectrum of tailored commercial banking solutions and consumer products, all delivered with outstanding service by banking and mortgage experts who put customers first. Serving clients across the country wherever business happens, Western Alliance Bank operates individual, full-service banking and financial brands with offices in key markets nationwide.
Loading...
WAB Similar Companies
Founded in 1908 by Maharaja Sir Sayaji Rao Gaekwad III, Bank of Baroda is a top notch Public Sector Bank with a business of around Rs.10 trillion and network of 8100+ branches of which 105 overseas branches / offices are located in 17 countries excluding India spanning across Europe, US, Africa, As
Bandhan Bank
Started as a universal bank on August 23, 2015, Bandhan Bank is one of India’s fastest-growing private sector banks. Bandhan Bank has always been committed to financial inclusion and aims to serve the underserved. Guided by the principle of ‘Aapka Bhala, Sabki Bhalai,’ the Bank is dedicated not only
Banamex
En Banamex una palabra nos ha definido durante nuestra historia: Estar. Estar es acompañar. Estar es avanzar juntos. Acompañar para forjar relaciones auténticas, duraderas, significativas, que nos den confianza y nos impulsen a alcanzar aquello que es importante para ti, para nosotros, para todos.
Industrial and Commercial Bank of China Ltd. (ICBC) (simplified Chinese: 中国工商银行; traditional Chinese: 中國工商銀行; pinyin: Zhōngguó Gōngshāng Yínháng, more commonly just 工行 Gōngháng) is China's largest bank and the largest bank in the world. It is one of China's "Big Four" state-owned commercial banks (t
Bank Mega
Perjalanan Bank Mega berawal pada tahun 1969, dengan nama PT Bank Karman di Surabaya. Kemudian bertransformasi menjadi Mega Bank pada tahun 1992, dan berpindah lokasi ke Jakarta. Pada tahun 1996, Chairul Tanjung dengan PARA GROUP, yang kini dikenal dengan CT Corpora, mengambil alih dan membuat gebra
FAB, the UAE’s largest bank and one of the world’s largest financial institutions offers a an extensive range of tailor-made solutions, and products and services, to provide a customised banking experience. Through its strategic offerings, it looks to meet the banking needs of customers across the w
AU SMALL FINANCE BANK
The dream started two decades ago by Mr. Sanjay Agarwal, a merit holder Chartered Accountant and a first generation entrepreneur, along with his proficient team. Together, the dexterous team embarked on a journey of excellence while enriching lives along the way. What started off as a dream to be
CIMB Niaga
CIMB Niaga was established as Bank Niaga in 1955. CIMB Group holds around 97.9% of the stakes in CIMB Niaga (including PT Commerce Kapital 1.02%). The Bank offers a comprehensive suite of both conventional and Islamic banking products and services, through an expanding delivery channel network of 91
Our ambition is simple: to succeed with our customers. Because when they succeed, so do we. Whether it’s buying a home, investing for tomorrow, growing a business, or helping our customers to build a more sustainable future, we can succeed with customers by understanding their world and what matte
.png)
WAB CyberSecurity News
December 15, 2025 03:49 PM
Recent Cybersecurity Appointments (Dec 15)
Geoff Belknap – Microsoft Geoff Belknap has been promoted to Operating CISO for Core and Enterprise at Microsoft, where he now oversees...
December 15, 2025 12:27 AM
How Investors Are Reacting To Western Alliance (WAL) Strengthening Cybersecurity and Risk Oversight on Its Board
Western Alliance Bancorporation recently appointed cybersecurity expert Dr. Michael Papay and veteran risk executive Clarke Starnes III to...
December 11, 2025 10:11 PM
Western Alliance adds cybersecurity and risk experts to board
PHOENIX - Western Alliance Bancorporation (NYSE:WAL) has appointed two new members to its Board of Directors as the bank approaches the $100...
December 11, 2025 09:15 PM
Western Alliance Bancorporation adds two directors to board
Western Alliance Bancorporation (NYSE: WAL) appointed two new members to its Board of Directors, adding expertise in cybersecurity and risk...
December 11, 2025 09:14 PM
Western Alliance Bancorporation Appoints Two New Board Members
Former Chief Risk Officer of Top 25 U.S. Bank and Cybersecurity Expert Join Board. PHOENIX, December 11, 2025--(BUSINESS WIRE)--Western...
December 11, 2025 09:14 PM
Western Alliance Bancorporation Announces Board Appointments
Western Alliance Bancorporation announced the appointment of two distinguished leaders to its Board of Directors, adding sizable expertise...
December 10, 2025 04:19 PM
Bank Without Worry at the 10 Safest Banks in the U.S.
Explore the top 10 safest banks in the U.S. and uncover the key features that make them secure, from FDIC insurance to cutting-edge security...
December 10, 2025 08:00 AM
Western Alliance Expands Board with Strategic Appointments
Western Alliance ( ($WAL) ) has issued an announcement. On December 10, 2025, Western Alliance Bancorporation appointed Dr. Michael Papay...
November 12, 2025 08:00 AM
Western Alliance Bank Business Escrow Services Appoints Brad Alvarez to Lead Buildout of Sponsor and Strategic Partnerships Focus
PHOENIX, November 12, 2025--Western Alliance Bank today announced that Brad Alvarez has joined its rapidly growing Business Escrow Services...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
WAB CyberSecurity History Information
Official Website of Western Alliance Bank
The official website of Western Alliance Bank is https://www.westernalliancebancorporation.com.
Western Alliance Bank’s AI-Generated Cybersecurity Score
According to Rankiteo, Western Alliance Bank’s AI-generated cybersecurity score is 630, reflecting their Poor security posture.
How many security badges does Western Alliance Bank’ have ?
According to Rankiteo, Western Alliance Bank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Western Alliance Bank have SOC 2 Type 1 certification ?
According to Rankiteo, Western Alliance Bank is not certified under SOC 2 Type 1.
Does Western Alliance Bank have SOC 2 Type 2 certification ?
According to Rankiteo, Western Alliance Bank does not hold a SOC 2 Type 2 certification.
Does Western Alliance Bank comply with GDPR ?
According to Rankiteo, Western Alliance Bank is not listed as GDPR compliant.
Does Western Alliance Bank have PCI DSS certification ?
According to Rankiteo, Western Alliance Bank does not currently maintain PCI DSS compliance.
Does Western Alliance Bank comply with HIPAA ?
According to Rankiteo, Western Alliance Bank is not compliant with HIPAA regulations.
Does Western Alliance Bank have ISO 27001 certification ?
According to Rankiteo,Western Alliance Bank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Western Alliance Bank
Western Alliance Bank operates primarily in the Banking industry.
Number of Employees at Western Alliance Bank
Western Alliance Bank employs approximately 3,857 people worldwide.
Subsidiaries Owned by Western Alliance Bank
Western Alliance Bank presently has no subsidiaries across any sectors.
Western Alliance Bank’s LinkedIn Followers
Western Alliance Bank’s official LinkedIn profile has approximately 29,831 followers.
NAICS Classification of Western Alliance Bank
Western Alliance Bank is classified under the NAICS code 52211, which corresponds to Commercial Banking.
Western Alliance Bank’s Presence on Crunchbase
No, Western Alliance Bank does not have a profile on Crunchbase.
Western Alliance Bank’s Presence on LinkedIn
Yes, Western Alliance Bank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/western-alliance-bank.
Cybersecurity Incidents Involving Western Alliance Bank
As of December 26, 2025, Rankiteo reports that Western Alliance Bank has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Western Alliance Bank has an estimated 7,109 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Western Alliance Bank ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
Incident Details
Can you provide details on each incident ?
Title: Western Alliance Bank Data Breach
Description: Arizona-based Western Alliance Bank experienced a security breach after an attack on a third-party file transfer program which compromised personal data of 21,899 individuals.
Date Detected: 2023-10-12
Type: Data Breach
Attack Vector: Third-party file transfer program
Vulnerability Exploited: Cleo file sharing tool
Threat Actor: Clop ransomware operation
Title: Data Breach at Western Alliance Bank
Description: The Arizona Attorney General's Office reported a data breach involving Western Alliance Bank on January 27, 2025. The breach occurred between October 12, 2024, and October 24, 2024, when a third-party vendor's secure file transfer software was exploited, potentially exposing personal information including names and Social Security numbers. The number of affected individuals is currently unknown.
Date Detected: 2025-01-27
Date Publicly Disclosed: 2025-01-27
Type: Data Breach
Attack Vector: Exploitation of third-party vendor's secure file transfer software
Vulnerability Exploited: Secure file transfer software
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Cleo file sharing tool.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach WES445032025
Data Compromised: Names, Social security numbers, Birthdates, Driver's license numbers, Tax identification numbers, Passports, Financial account numbers
Incident : Data Breach WES726072525
Data Compromised: Names, Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Social Security Numbers, Birthdates, Driver'S License Numbers, Tax Identification Numbers, Passports, Financial Account Numbers, , Names, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach WES445032025
Entity Name: Western Alliance Bank
Entity Type: Bank
Industry: Financial Services
Location: Arizona
Customers Affected: 21,899
Incident : Data Breach WES445032025
Entity Name: Hewlett Packard Enterprise
Entity Type: Company
Industry: Technology
Incident : Data Breach WES445032025
Entity Name: Thomson Reuters
Entity Type: Company
Industry: Information Services
Incident : Data Breach WES726072525
Entity Name: Western Alliance Bank
Entity Type: Bank
Industry: Financial Services
Location: Arizona
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach WES445032025
Type of Data Compromised: Names, Social security numbers, Birthdates, Driver's license numbers, Tax identification numbers, Passports, Financial account numbers
Number of Records Exposed: 21,899
Sensitivity of Data: High
Incident : Data Breach WES726072525
Type of Data Compromised: Names, Social security numbers
Sensitivity of Data: High
Ransomware Information
Was ransomware involved in any of the incidents ?
References
Where can I find more information about each incident ?
Incident : Data Breach WES726072525
Source: Arizona Attorney General's Office
Date Accessed: 2025-01-27
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Arizona Attorney General's OfficeDate Accessed: 2025-01-27.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach WES445032025
Entry Point: Cleo file sharing tool
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Clop ransomware operation.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-10-12.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-01-27.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, Social Security numbers, birthdates, driver's license numbers, tax identification numbers, passports, financial account numbers, , Names, Social Security numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, tax identification numbers, driver's license numbers, financial account numbers, passports, birthdates, Social Security numbers and names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 21.9K.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Arizona Attorney General's Office.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Cleo file sharing tool.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
C-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system.
Risk Information
cvss3
Base: 8.9
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Description
Telenium Online Web Application is vulnerable due to a Perl script that is called to load the login page. Due to improper input validation, an attacker can inject arbitrary Perl code through a crafted HTTP request, leading to remote code execution on the server.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express (DX / AF Management Software) before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality, integrity, and availability.
Risk Information
cvss3
Base: 5.6
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Description
ONLYOFFICE Docs before 9.2.1 allows XSS in the textarea of the comment editing form. This is related to DocumentServer.
Risk Information
cvss3
Base: 6.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=western-alliance-bank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
